Canada’s cyber-attack response centre has been operating only during daytime hours, says a new report from the federal spending watchdog.

Auditor General of Canada Michael Ferguson speaks following the release of the 2012 Fall Report in Ottawa, Tuesday Oct. 23, 2012 .

By:Joanna SmithOttawa Bureau, Published on Tue Oct 23 2012

OTTAWA—Ottawa’s cyber-attack response centre meant to monitor threats to online security around the clock has been operating only during daytime hours, says a new report from the federal spending watchdog.

And the response centre, meant to serve as the “nerve centre” for the federal government’s cyber security strategy, has routinely been kept in the dark about hacking attacks, according to a new report from the auditor general.

Opposition MPs jumped on the revelation, which comes just days after Public Safety Minister Vic Toews highlighted the need for increased cyber-security.

“Cybercriminals do not keep bankers’ hours. I wonder why the Government of Canada should be keeping those hours when cybercriminals are working 24 hours a day,” Liberal interim leader Bob Rae said in the Commons.

The federal public safety department created the Canadian Cyber Incident Reponse Centre (CCIRC) in 2005 to help reduce the risk to critical infrastructure by monitoring and analyzing cyber threats to non-government systems 24 hours a day, seven days a week and providing the latest and best advice for protecting against attacks.

Not so much, says the report, which also concluded that despite several incarnations of cyber security strategies and an estimated $780 million in funding since 2001, the federal government has been slow to meet its own goals.

The response centre was staffed to operate only from 8 a.m. to 4 p.m. five days a week, the audit found, although the federal government operations centre can page someone on call if a cyber attack or threat is reported after hours.

But the audit report says the centre should be working around-the-clock to ensure “timely detection and notification” of cyber threats as well as communicating with foreign allies working in different time zones.

“It’s important to have one place that can then take all of that information and figure out whether the threat is greater than the sum of the incidents,” Auditor General Michael Ferguson told reporters.

“We think it’s important that there be an organization that will collect and organize and connect all the dots.”

Toews reacted quickly to the revelation, announcing that starting Nov. 5, the centre would be operating 15 hours a day, seven days a week, with “experts on call around the clock when needed.”

He defended the government’s cyber-security record, saying it had made “exceptional progress” in the face of emerging technological threats.

“The dynamic nature of the cyber threat is one thing governments have had to learn to respond to,” he said

He says computer networks owned by government and private companies are “attacked by ordinary hackers and organized crime and indeed state actors on a constant basis.”

Some business owners and operators are confused about who in the federal government, if anyone, should be told about cyber security incidents, and say others don’t even know the response centre exists.

This prevents the response centre from fully analyzing the cyber security landscape and hampers its ability to give advice to on how to protect against the latest cyber threats, says the report. “A lack of timely and relevant information and analyses affects the ability of critical infrastructure owners and operators to react to cyber attacks that may cause disruptions,” says the report.

The report notes that even when hackers traced back to China targeted networks at the Treasury Board and Department of Finance in January 2011, no one even told the response centre about the incident until a week after it happened.

Communications Security Establishment Canada (CSEC) took over responsibility for protecting government information systems from cyber threats from the response centre last year, but the audit found that despite the fact that the two agencies are supposed to be working together, CSEC does not routinely share things with CCIRC.

“CSEC told us it was concerned about sharing information because of the sensitive nature of the information it collects, such as classification levels or the sensitivities of client departments,” says the audit.

The audit says they were supposed to have worked things out by August 2011, but have now agreed to resolve things by Nov. 30 and a CCIRC employee has been working at CSEC to make collaboration easier.

Public Safety Minister Vic Toews announced last week the Conservative government would commit $155 million over five years to boost the capacity of the response centre.

The announcement came a week after U.S. Defence Secretary Leon Panetta warned American business, financial and transport computer systems may be vulnerable to devastating attacks and called on legislators to pass new laws to strengthen cyber-protections below the border.

Those comments came after the U.S. House of Representatives Intelligence Committee warned against doing business with Huawei Technologies Co Ltd. and ZTE Corp. — two Chinese telecommunications giants — because they could potentially be used for Chinese spying operations.

Huawei has sold equipment to major Canadian telecommunication companies.

The allegations are being referred to the U.S. Justice Department and Department of Homeland Security.

The 2010-11 annual report of the Canadian Security Intelligence Service said both the federal government and the private sector are frequent targets of cyber attacks.

“The Government of Canada is now witnessing serious attempts to penetrate its networks on a daily basis,” said that report.

More on thestar.com

We value respectful and thoughtful discussion. Readers are encouraged to flag comments that fail to meet the standards outlined in our
Community Code of Conduct.
For further information, including our legal guidelines, please see our full website
Terms and Conditions.